The FLIR Brickstream 3D+ sensor is vulnerable to unauthenticated config download and file disclosure vulnerability when calling the ExportConfig REST API (getConfigExportFile.cgi). This will enable the attacker to disclose sensitive information and help her in authentication bypass, privilege escalation and/or full system access.
28f859be185735a935a473e099613589b8afccb4843208fedf69d3181dd9add9Teltonika RUT9XX routers with firmware before 00.05.01.1 are prone to cross site scripting vulnerabilities in hotspotlogin.cgi due to insufficient user input sanitization.
4cce626d1539e2d1d2f295b036e17ec9f4779d6658a6a91f1e7574c7c10e9d5dTeltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers to execute arbitrary commands with root privileges.
3b891e67dc7f84a78fafd4de519a7224bdb6d898a5ad5c79db67551a91fc0d24man-cgi versions prior to 1.16 suffer from a local file inclusion vulnerability.
656d2efdebbfc676809fb219798a80e508b90134287bfb9d8e75181c05e3501dMicrohard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from a system backup configuration file 'IPn4G.config' in '/' directory or its respective name based on the model name including the similar files in '/www/cgi-bin/system.conf', '/tmp' and the cli.conf in '/etc/m_cli/' can be downloaded by an authenticated attacker in certain circumstances. This will enable the attacker to disclose sensitive information and help her in authentication bypass, privilege escalation and/or full system access. Many versions are affected.
3308505cfc0dc6793c720ed8984af9ae73fb959eb91433b4b2602436f3c76825This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/simple_loglistjs.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware <= 1.12.0.19 are concerned. Tested on 5.02024 G-Cam/EFD-2250 running 1.12.0.4 firmware.
b06cdd72647a3c5ae361e51c53891472ce5c21a9a290972228f38c754cae44d6Ubuntu Security Notice 3665-1 - It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP file to the server and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10. It was discovered that Tomcat contained incorrect documentation regarding description of the search algorithm used by the CGI Servlet to identify which script to execute. This issue only affected Ubuntu 17.10. Various other issues were also addressed.
adc3401f4c6099499fc7f32dd5cfa60804e4fe107e205fa1ebecec9060700bf5Teradek VidiU Pro version 3.0.3 suffers from a stream disclosure vulnerability in snapshot.cgi.
1ec16c77ff64530a16f5ee014a1d612f9f673ff0d860df47d7438147ddb9ecf5Teradek Slice version 7.3.15 suffers from a stream disclosure vulnerability in snapshot.cgi.
526c66045fa6be523cc8edfa55dcf7233f85933c7c408e5105ac9f7a66500f44Teradek T-RAX version 7.3.2 suffers from a stream disclosure vulnerability in snapshot.cgi.
69d8a2bfab670f5bce274a6f980f3cf8b6cd28a765740ec72516f1a6fc6cb370Teradek Cube version 7.3.6 suffers from a stream disclosure vulnerability in snapshot.cgi.
88954f646ded8b7e83029b9f42aae86899a385a53ce2d403178347c0cae7ba17Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a dlp_policy_upload.cgi remote code execution vulnerability.
8320cd451f55d0feeed44694d94eb4d4ebd31a347fc8e66647043d1614a99308This Metasploit module triggers an arbitrary shared library load vulnerability in GoAhead web server versions between 2.5 and that have the CGI module enabled.
bee949e92c0ea2f22d837f57390d8e28e16e861007e5e679292d373e6ac8037aD-Link routers 110/412/615/815 versions prior to 1.03 suffer from a service.cgi arbitrary code execution vulnerability.
651186c87c851fe922b89dd1f1984831bd08a44f073434250ee0cab39587d7f9Synology DiskStation Manager (DMS) versions prior to 6.1.3-15152 suffer from a forget_passwd.cgi user enumeration vulnerability.
badeff38c0b5be1a4c2359ece25657ca8c8f3d34316f5218270d5f7e18e562d5Synology StorageManager version 5.2 suffers from a remote root command execution vulnerability in smart.cgi.
8b6426fb7ecab4c3be36761c437ebb2dc9019377c22d2acbac83d341781b3249This Metasploit module exploits an unauthenticated OS command execution vulnerability in the setup.cgi file in Netgear DGN1000 firmware versions up to 1.1.00.48, and DGN2000v1 models.
86c53ad96211bee0a0215a95caed6678b01af806833286d61151eee772e71fa9IPFire, a free linux based open source firewall distribution, version prior to 2.19 Update Core 110 contains a remote command execution vulnerability in the ids.cgi page in the OINKCODE field.
f8bdea7a53ee5a4ab20fad1a03f6c2a2dfaa0823d9fec5b982ed96aa724d1965Sonicwall SRA version 8.1.0.2-14sv gencsr.cgi remote command injection exploit.
329940cf4063e7a9fb0d94eae38b5e003d9143b085469fa57ef97279bed2d20eVarious WiMAX CPEs are vulnerable to an authentication bypass. An attacker can set arbitrary configuration values without prior authentication. The vulnerability is located in commit2.cgi (implemented in libmtk_httpd_plugin.so).
1c406ac717264e13cef5f2341197c0e2013b4a9fe6fe7c509442d497b4bb32b7Ubuntu Security Notice 3253-2 - USN-3253-1 fixed vulnerabilities in Nagios. The update prevented log files from being displayed in the web interface. This update fixes the problem. It was discovered that Nagios incorrectly handled certain long strings. A remote authenticated attacker could use this issue to cause Nagios to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that Nagios incorrectly handled certain long messages to cmd.cgi. A remote attacker could possibly use this issue to cause Nagios to crash, resulting in a denial of service. Dawid Golunski discovered that Nagios incorrectly handled symlinks when accessing log files. A local attacker could possibly use this issue to elevate privileges. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions. Various other issues were also addressed.
9cd930c45365b94384d95a76fd5e0a17478d59a64a006c5ca2020bd550784c72EnGenius EnShare suffers from an unauthenticated command injection vulnerability in which an attacker can inject and execute arbitrary code as the root user via the 'path' GET/POST parameter parsed by 'usbinteract.cgi' script.
d1c799db7f9176c2a6b0027bf79644fb435f7c9a61e487538ff26b55f1a89a22This Metasploit module exploits a command injection vulnerability in an undocumented CGI file in several versions of the WePresent WiPG-1000 devices. Version 2.0.0.7 was confirmed vulnerable, 2.2.3.0 patched this vulnerability.
fdde35982e5ae8f4f3cfc494b6eb51af6b81f5d276ee9db4ad67d0db0267baf2Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a dlp_policy_upload.cgi information disclosure vulnerability.
2b95ab05b45548336e8b0ff756872ed3b5e7c96533959277415f4b7a3ac66de3Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a logoff.cgi directory traversal authentication bypass vulnerability.
2d89facad03b2aadfc7a64dbc4b3ae3e700fb5257315bc07a0d5dac0b54f2211
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed